Abstract
Counteracting cyber threats to ensure a secure cyberspace faces great challenges, as cyber-attacks are increasingly stealthy and sophisticated and the protected cyber domains exhibit rapidly growing complexity and scale. It is important to design big data-driven cyber security solutions that effectively and efficiently derive actionable intelligence from available heterogeneous sources of information using principled data analytic methods to defend against cyber threats. In this work, we present a scalable distributed framework to collect and process extreme-scale networking and computing system traffic and status data from multiple sources that collectively represent the system under study, and develop and apply real-time adaptive data analytics for anomaly detection to monitor, understand, maintain, and improve cybersecurity. The data analytics will integrate multiple sophisticated machine learning algorithms and human-in-the-loop for iterative ensemble learning. Given the volume, speed, and complex nature of the data gathered, plus the need for real-time data analytics, a scalable data processing framework needs to handle big data with low latency. Our proposed big-data analytics will be implemented using an Apache Spark computing cluster. The analytics developed will offer significant improvements over existing methods of anomaly detection in real time. Our preliminary evaluation studies have shown that the developed techniques achieve better capabilities of defending against cyber threats.
Original language | English |
---|---|
Title of host publication | Proceedings of the 12th International Conference on Cyber Warfare and Security, ICCWS 2017 |
Editors | Juan R. Lopez, Adam R. Bryant, Robert F. Mills |
Publisher | Academic Conferences and Publishing International Limited |
Pages | 121-130 |
Number of pages | 10 |
ISBN (Electronic) | 9781911218258 |
State | Published - 2017 |
Event | 12th International Conference on Cyber Warfare and Security - Dayton, United States; Duration: Mar 2 2017 → Mar 3 2017; Conference number: 12 |
Conference
Conference | 12th International Conference on Cyber Warfare and Security |
---|---|
Abbreviated title | ICCWS 2017 |
Country/Territory | United States |
City | Dayton |
Period | 3/2/17 → 3/3/17 |
ASJC Scopus Subject Areas
- Safety, Risk, Reliability and Quality
- Computer Science Applications
- Computer Networks and Communications
Keywords
- Anomaly detection
- Apache Spark
- Data analytics
- Distributed processing framework
- Large-scale cyber system
Disciplines
- Electrical and Computer Engineering